CWE
264
Advisory Published
Updated

CVE-2007-4563

First published: Tue Aug 28 2007(Updated: )

Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's group permissions to logical J2EE server processes, which allows local users to gain privileges.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Hitachi Cosminexus Application Server=06_70_b
Hitachi Cosminexus Application Server=06_70_d
Hitachi Cosminexus Application Server=06_70_b
Hitachi ucosminexus service platform=07_00
Hitachi Cosminexus Application Server=06_50
Hitachi uCosminexus Application Server=06_72_b
Hitachi Cosminexus Application Server=06_50_f
Hitachi uCosminexus Application Server=06_70_b
Hitachi Cosminexus Application Server=07_10
Hitachi Cosminexus Application Server=06_70
Hitachi Electronic Form Workflow - Professional Library Set=07_00_b
Hitachi Cosminexus Application Server=07_00_1
Hitachi Cosminexus Application Server=06_70_b_1
Hitachi uCosminexus Application Server=07_00
Hitachi Cosminexus Application Server=06_72_1
Hitachi uCosminexus Application Server=07_10
Hitachi Electronic Form Workflow=07_00_b
Hitachi Cosminexus Application Server=07_00
Hitachi uCosminexus Application Server=07_10_06
Hitachi uCosminexus Application Server=06_71_b
Hitachi Cosminexus Application Server=06_70_b
Hitachi Cosminexus Application Server=06_50_c_1
Hitachi Cosminexus Application Server=06_51_b_1
Hitachi Cosminexus Application Server=07_00
Hitachi Cosminexus Application Server=06_50_e_1
Hitachi Cosminexus Application Server=06_71
Hitachi uCosminexus Application Server=06_72_1
Hitachi Cosminexus Application Server=06_50_e_1
Hitachi uCosminexus Application Server=06_70
Hitachi uCosminexus Application Server=07_00_12
Hitachi Cosminexus Application Server=06_51_b_1
Hitachi uCosminexus Application Server=06_70_b_1
Hitachi uCosminexus Application Server=06_70_b
Hitachi Cosminexus Application Server=06_50_c_1
Hitachi uCosminexus Application Server=07_10_08
Hitachi uCosminexus Application Server=06_71_b
Hitachi uCosminexus Application Server=07_10
Hitachi Cosminexus Application Server=07_10
Hitachi uCosminexus Application Server=07_00
Hitachi uCosminexus Application Server=07_10
Hitachi uCosminexus Application Server=06_70_b
Hitachi Cosminexus Application Server=06_50
Hitachi Cosminexus Application Server=06_72_g
Hitachi Cosminexus Application Server=06_51_c
Hitachi uCosminexus Application Server=07_00
Hitachi Cosminexus Application Server=07_10
Hitachi Cosminexus Application Server=06_50_c_1
Hitachi uCosminexus Application Server=06_71_c
Hitachi Cosminexus Application Server=06_51_c
Hitachi uCosminexus Application Server=07_10_1
Hitachi uCosminexus Application Server=06_70_a
Hitachi Cosminexus Application Server=06_50_f
Hitachi Cosminexus Application Server=06_50_c
Hitachi Electronic Form Workflow=07_00
Hitachi Cosminexus Application Server=06_50_b
Hitachi Cosminexus Application Server=06_72_c
Hitachi Cosminexus Application Server=06_70_b
Hitachi uCosminexus Application Server=07-00-01
Hitachi Cosminexus Application Server=06_50_c
Hitachi uCosminexus Application Server=06_71
Hitachi uCosminexus Application Server=06_70_b
Hitachi ucosminexus service platform=07_10
Hitachi Cosminexus Application Server=06_72_b_1
Hitachi uCosminexus Application Server=06_72_b
Hitachi uCosminexus Application Server=06_70
Hitachi Electronic Form Workflow - Professional Library Set=07_00
Hitachi Cosminexus Application Server=06_51
Hitachi Cosminexus Application Server=06_50
Hitachi uCosminexus Application Server=07_10
Hitachi Cosminexus Application Server=06_50
Hitachi Cosminexus Application Server=06_70_c
Hitachi ucosminexus service platform=07_10
Hitachi uCosminexus Application Server=07_10
Hitachi Cosminexus Application Server=06_51
Hitachi Cosminexus Application Server=06_72_d
Hitachi uCosminexus Application Server=06_70_a
Hitachi Cosminexus Application Server=06_50
Hitachi Cosminexus Application Server=06_50
Hitachi Cosminexus Application Server=06_50_c_1
Hitachi Cosminexus Application Server=06_71_b
Hitachi Cosminexus Application Server=07_10
Hitachi uCosminexus Application Server=06_70_d
Hitachi Cosminexus Application Server=06_50
Hitachi uCosminexus Application Server=07_00
Hitachi Cosminexus Application Server=06_50
Hitachi Cosminexus Application Server=06_70_a
Hitachi Cosminexus Application Server=06_50
Hitachi Cosminexus Application Server=07_00
Hitachi Cosminexus Application Server=06_50
Hitachi uCosminexus Application Server=06_70_g
Hitachi Cosminexus Application Server=07_00
Hitachi uCosminexus Application Server=06_72_g
Hitachi Cosminexus Application Server=06_51
Hitachi Cosminexus Application Server=06_70_a
Hitachi Cosminexus Application Server=06_50_b

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2007-4563?

    CVE-2007-4563 is classified as a high severity vulnerability due to its potential to allow local users to gain elevated privileges.

  • How do I fix CVE-2007-4563?

    To mitigate CVE-2007-4563, it is recommended to apply patches provided by Hitachi for the affected versions of the Cosminexus Application Server.

  • What systems are affected by CVE-2007-4563?

    CVE-2007-4563 affects various versions of the Hitachi Cosminexus Application Server, including versions 06-50 and later.

  • What kind of vulnerability is CVE-2007-4563?

    CVE-2007-4563 is a local privilege escalation vulnerability that impacts user group permissions.

  • Who reported CVE-2007-4563?

    CVE-2007-4563 was publicly disclosed as a result of security research and is documented in the vulnerability database.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203